Wireshark is a network packet analysis (Packet Sniffer) software, previously known as Ethereal. With this software, the interface of a computer connected to the Internet can be monitored and recorded instantly.
What is Wireshark?
The Wireshark program is a troubleshooting tool that monitors Open Source network traffic and captures packets instantly. It is one of the most popular tools nowadays and has become even stronger over time as it is Open Source and distributed under the GPL license.
The network analysis and packet capture program is capable of monitoring and capturing all TCP/IP messages. It can also monitor and report all Internet and network data streams on local and global networks.
This program supports many operating systems and also distribute free of charge. It provides users with great convenience to enable them to read data packets. When installing it on your computer, WinPcap also installs.
What is WinPcap? As a result, WinPcap delivers instant reports to the Wireshark program while listening to the network. Supports over 700 network protocols and provides ease of use. You can also examine the protocol source in detail.
It can be installed and run on Windows, Linux, Mac OS X, Unix and BSD based operating systems.
What Does it Do?
You can use the Network packet analysis program for multi-purpose. For example, you are working as a system administrator and the workplace network is functioning very slowly. Using it, you can analyze your network and produce a detailed report.
Let us list the usage areas;
1. It is used to solve protocol errors and understand the logic of operation.
2. It is used to monitor and report errors on the network.
3. It is used to monitor and report errors on the network. It is used to improve the performance of your network and to detect unnatural data flow.
4. It doesn’t just capture the packet instantly. Used to examine a previously saved Pcap package.
5. It is mostly used by network administrators to solve network problems.
6. It is used by software developers to troubleshoot debug errors.
7. IT is used in the IT world by those who want to improve themselves in the field of Cyber Security.
8. It is used to identify DoS attacks.
9. It is used to observe how computer networks work.
10. A computer is used to understand how these processes are getting an IP address.
Where to Download?
You can download Wireshark network monitoring program from your its site according to your operating system. Even if you are a software developer, there is also a platform to support the development of the program.
What is not?
Let’s briefly explain what does not it do;
1. It is NOT an IDS (Intrusion Detection System).
2. It does NOT prevent hacker attacks, only detects.
3. NO IMPACT on your network.
4. The network monitoring utility does NOT send the packet.
Before proceeding with the network monitoring step with Wireshark, the interface you choose is very important. If you access the Internet via Wifi, you will need to select the Wifi adapter of the program interface.
If you are using a virtualization program such as VMware, VirtualBox, you must select the interface that connected to your virtual machine. For example; For VMware network card = VMware Network Adapter VMnet1.
To select the network card and listen to the network, double-click on the network card to be captured as in the image below.
You can instantly review traffic on the network. To apply a filter, click the Apply a display filter option as like the image below.
Then type ICMP in the filter field and press Enter. Open the CMD and Ping to your default gateway. As soon as you ping your modem from your computer, the program will instantly capture and report packages as follows.
How to Setup Wireshark ⇒ Video
You can watch the video below to install Wireshark step by step on your Windows computer and also subscribe to our YouTube channel to support us!
In this article, we have examined the most powerful Wireshark program for analyzing IP packets on the network. With the network analysis program, we can see the oddities on our network and find solutions. In addition, the program is also available and you can take the certification exams. In the following articles, we will analyze the usage of the program and the detailed filters and TCP/IP packets. Thanks for following us!